Android Community Demands MIUI ROM Comply With FOSS Licenses

A thorn in the side of many free software loving Android users, the Chinese MIUI ROM has long been accused of riding on the success of Android without fully complying with the free and open source licenses which it’s based on. MIUI’s developer, Xiaomi, has managed to cultivate a considerable fanbase for their ROM, adding insult to injury for many opponents. Xioami has even been so bold as to put their own phone into production, running (naturally) their license-violating software.

The idea that an Android spin-off doesn’t comply with the free and open source licenses that made Android possible in the first place, and further, that it is widely used and supported, has upset a sizable portion of the Android community. As a first step, a petition has recently been started to try and build enough momentum to force Xioami to comply with all appropriate licenses.

License Confusion

One of Android’s biggest draws, at least for the tech savvy crowd, is that it’s released as free and open source software.

Of course, the idea of “open” is thrown around a lot these days, and its getting to the point that the actual meaning seems to be diluted a bit. So it may come as a surprise to many that not all of Android is actually open source, indeed, some components are completely closed. What’s more, the specific licensing of Android means that it doesn’t necessarily grant you the same freedoms as other FOSS projects.

The core of the issue is that Android is released under the Apache 2.0 License, not the more familiar GNU General Public License. While both are “free software” licenses, the Apache license is what is known as a “permissive” license, which essentially means it doesn’t place as stringent requirements on how the software is distributed going forward.

The GPL requires that all software derived from GPL licensed software also be licensed under the GPL. In other words, if you use free and open source software to make your software, you need to keep the software open going forward. This particular clause in the GPL was intended to help free software grow, and keep anyone from developing proprietary functions and features which couldn’t be replicated by other developers.

But the Apache license is different. It does not require that software based on Apache licensed software actually keep the same license. In fact, you can absolutely take an Apache licensed project, modify it, and then release it as completely closed software.

Essentially, this is exactly what Xioami has done with MIUI. They took the Apache licensed Android, branched it into their own custom mobile operating system, and decided to keep the source closed. Unfortunately, this is completely allowed with the Apache license.

So what’s the problem? The primary issue is that, while Android itself is licensed under Apache, the Linux kernel which it uses is not. Linux is GPL software, so unless Xioami wants to develop a replacement for the Linux side of Android, they need to make their kernel modifications public. While the kernel modifications are only a small part of the modifications Xioami has done to create MIUI, it does include the low-level work Xioami has done to push things like performance and energy efficiency.

OpenMIUI

Show your support for the project by signing our petition against Xiaomi for ignoring GPL licensing Kernel and also other elements of MIUI.

Users are then asked for their email address, name, and an optional comment which they want to leave. Once signed up, you’ll be added to a mailing list which will (hopefully) communicate some good news in the future as to OpenMIUI’s progress with the petition.

While this author has never had much faith in online petitions, it’s a good first step in getting the community at large to recognize that Xiaomi hasn’t been playing by the rules with their development of MIUI. With a little luck, it might just get the ball rolling in the right direction.

Tom is a Network Engineer with focus on GNU/Linux and open source software. He is a frequent submitter to "2600", and maintains a personal site of his projects and areas of research at: www.digifail.com .

Related posts

“if you use free and open source software to make your software, you need to keep the software open going forward”

That is not correct. If I use the GPL-licensed gcc to compile my application, I do not need to keep my application open. A better wording would be ” if you modify free and open source software and distribute it, you need to keep the software open going forward”.

http://twitter.com/Keladeine Ártemis, a cintia

If you include a GPL library as PART of your software, you need to release your software as GPL.

If it’s just using it, or calling other process (executing System.call(“gcc”)) is different.

John

Not really, you just need to keep the library free and open. If you don’t change the library there isn’t much to do at all.

euronymous

Unlike in the US, GPL doesn;t have any teeth under China (and South Korea) copyright laws. They will simply ignore it, and that will be legal under China’s jurisdiction.

Chris

If Xiaomi did not modify the linux kernel and instead wrote new kernel modules they are in no way violating the GPLv2 license.

noname

new kernel modules are a modification (really, derived work) of the kernel… so you’re incorrect. The userspace interface is the only valid licensing barrier…. All other ways are up to your lawyers to decide if it’s worth taking the risk of being sued for infringement.

http://twitter.com/Keladeine Ártemis, a cintia

Even if you haven’t modified can be an infringement. I have no idea of this specific case, how the kernel was modified or are used.

http://twitter.com/chrisalexthomas Christopher Thomas

what kernel modifications did they make? anybody have a list?

Deckard_Cain

If they are using MIUI as closed source you can’t know that.

http://twitter.com/chrisalexthomas Christopher Thomas

so basically until somebody can show there is a modified linux kernel, there is nothing for MIUI to prove.

since the system is just a bunch of files, you can inspect the kernel binary to see what modifications have been done, it’s not like the filesystem is encrypted, lots of people have lots of expertise in this area and finding out whether kernel modifications have been done is relatively easy for those people.

plus, I doubt any kernel modifications have been done, since who really customises the kernel now? I havent compiled a kernel for more than 10 years because the default builds are good enough, since MIUI is more or less just a user interface built on top of android, it’s reasonable enough to assume no modifications have been done.

so they have no case to answer, unless somebody can show me a kernel modification that isn’t already present in cyanogenmod for example.

I’m not saying there is nothing to do, I’m just saying that the likelihood of anything violating the GPL here is very small, but relatively easy to prove for those individuals who have the aforementioned skills, of which in the linux community there are many.

http://twitter.com/mralanorth Alan Orth

ARM SoCs aren’t like PCs. Each different ARM version (Exynos, Snapdragon, OMAP, Rockchip, AllWinner, etc) has tiny differences. You can’t just “take” the kernel source from kernel.org and compile it for your random ARM device…

Also, the GPL doesn’t care about “modifications.” If you use Linux code, you must release your source. The GPL is a “viral” license; your code must also be GPL.

In this particular debate it doesn’t matter whether you like it or not; it’s the license chosen by the authors of the Linux kernel.

http://twitter.com/chrisalexthomas Christopher Thomas

the GPL cares about DISTRIBUTION, not MODIFICATION.

Under the GPL, you can modify the source as much as you want, the only part of the GPL which requires you to give the changes to other people is when you DISTRIBUTE IT.

This is why the AGPL was developed, because if you run a SASS using GPL code, you techncially aren’t distributing anything, the AGPL makes SASS also come under the release code obligations.

http://twitter.com/chrisalexthomas Christopher Thomas

also, nothing in your reply has made any difference to what I said, so I’m not entirely sure what your point was…..

Colonel Kernel

He was trying to explain to you (since you obviously have no experience with this type of hardware) that modifying the kernel is not some kind of optional performance-related step of building a new Android-based OS.

If you are porting Android to a completely new device, such as the case with the “Xioami Phone”, there ARE kernel modifications. As Alan said, these are not x86 PCs, every device needs specific kernel modifications.

You also seem to be confused about the difference between actually modifying the kernel code (I.E. adding new device drivers) and building a kernel with specific options or modules. We are not talking about doing “make menuconfig” and chosing “Support Shady Chinese Smartphone” from a list of options, but porting the kernel to a totally new device.

Not that it really matters of course; just saying “Oh we didn’t change anything, so we don’t have to release the source.” is a completely unprovable claim UNLESS the source is released. If they didn’t make any changes, then why can’t we see that for ourselves? Why can’t we get their kernel source and build it ourselves to verify nothing has changed?
Saying that source shouldn’t need to be released until somebody can prove there was a modification is a dangerous and completely illogical complacency.
So yes, both things he said definitely did make a difference to what you were trying to claim.

Vaneshi

“the Chinese MIUI” welcome to China, your GPL means “free stuff”… so does everything else just so long as you aren’t a Chinese company yourself.